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This listing of claims replaces all prior versions, and 
listings of claims in the instant application: 

Listing of Claims; 

1. (Currently Amended) A smart card for communication 
with an electronic device, comprising: 

a memory, on said smart card, storing therein (1) an 
application program; (2) a security manager; and (3) a 
capabilities list associated with said application 
program, said capabilities list including information 
regarding whether access to one or more resources for use 
by said application program is permitted wherein said 
capabilities list and said application program constitute 
a load package received by said smart card ; and 

a processing unit, on said smart card, for executing 
said application program and said security manager, 

wherein upon said processing unit executing said 
application and said security manager, and when said 
executing application requests access to at least one 
of said one or more resources, said executing 
security manager selectively grants access to said at 
least one of said one or more resources for use by 
said executing application program based at least in 
part on said information in said capabilities list. 

2. (Previously Presented) The smart card of claim 1 
wherein said one or more resources comprise at least one of 
data and functions. 

3. (Previously Presented) The smart card of claim 1 
wherein said one or more resources comprise one or more 
resources external to said smart card. 
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4. (Previously Presented) The smart card of claim 3, 
further comprising at least one of: 
terminal side resources; and 
channels of a communications network. 



5. (Previously Presented) The smart card of claim 1 
wherein said one or more resources comprise one or more 
resources owned by at least one of said application program and 
another entity. 

6. (Previously Presented) The smart card of claim 5 
wherein said other entity comprises at least one of: 

an operating system of said smart card; and 
another application program. 

7. (Previously Presented) The smart card of claim 1 
wherein said information in said capabilities list comprises 
information regarding at least one of: 

access rights; and 

information required for access to a resource. 

8. (Previously Presented) The smart card of claim 1 
wherein said capabilities list comprises a first capabilities 
list and said memory also stores a second capabilities list, 
said first capabilities list comprising a handle to link to 
said second capabilities list. 

9. (Previously Presented) The smart card of claim 8 
wherein said second capabilities list is associated with one or 
more of other application programs. 
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10. (Previously Presented) The smart card of claim 1 
wherein said application program is for requesting access to a 
resource . 
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11. (Previously Presented) The smart card of claim 1 
wherein 

said application program is for transmitting a resource 
access request to said security manager; and 

said security manager is for transmitting a verify 
request to a verification program to examine said 
capabilities list to determine whether said application 
program is authorized to access said resource, and for 
performing or denying said requested action based at least 
in part on said examination. 

12. (Previously Presented) The smart card of claim 11 
wherein said security manager comprises an application program 
interface (API) . 

13. (Previously Presented) The smart card of claim 11 
wherein said security manager is for obtaining information 
regarding said requesting application program through one of 
inquiring at a context originating the resource access request 
and a parameter provided with said resource access request. 

14. (Previously Presented) The smart card of claim 1, 
further comprising input/output means for receiving said 
capabilities list from at least one of a provider of said 
application program and an owner of said one or more resources. 



15. (Cancelled) 
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16. (Currently Amended) The smart card of claim 1 
wherein said smart card dcvicQ is configured to modify said 
capabilities list based at least in part on a subsequently 
received capabilities update list associated with said 
application program. 
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17. (Previously Presented) The smart card of claim 1 
wherein said smart card is configured to delete said 
capabilities list or link and access rights upon receiving an 
instruction to delete said application program from the 
outside . 



18. (Previously Presented) The smart card of claim 1 
wherein 

said capabilities list is encrypted; and 
said processor is configured to decrypt said 
capabilities list . 

19. (Previously Presented) The smart card of claim 1 
wherein 

said capabilities list is cryptographically signed by 
at least one of a provider of said application program and 
an owner of said one or more resources; and 

said processor is configured to cryptographically 
authenticate said capabilities list. 

20. (Currently Amended) The smart card of claim 19 
wherein said processor is further configured to 

cryptographically authenticate' said capabilities list when said 
capabilities list is stored on said smart card dcvicc . 
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21. (Previously Presented) The smart card of claim 19 
wherein said processor is further configured to 

cryptographically authenticate said capabilities list when said 
capabilities list is accessed, said capabilities list being 
successfully authenticated if a first fingerprint computed over 
said capabilities list upon storing capabilities list matches a 
second fingerprint computed over said capabilities list in 
response to a run-time request to use said capabilities list. 
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22. (Previously Presented) The smart card of claim 1 
wherein said application program comprises a plurality of 
modules . 

23. (Previously Presented) The smart card of claim 1 
wherein said application program comprises a Java application 
program or a Java Card™ applet. 

24. (Previously Presented) The smart card of claim 1 
wherein said capabilities list is embodied in a tag-length- 
value (TLV) structure. 

25. (Currently Amended) A method for controlling a smart 
card, the smart card for communication with an electronic 
device, the method comprising: 

receiving, on said smart card, a load package 
comprising a capabilities list and an application program; 

storing, on said smart card, a^said application 
program; 

storing, on said smart card, asaid capabilities list 
associated with said application program, said 
capabilities list comprising information regarding whether 
access to one or more resources for use by said 
application program is permitted; and 

executing, on said smart card, said application 
program and a security manager, 



wherein upon said executing application 
requesting access to at least one of said one or more 



resources, 
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selectively grants access to said at least one of 
said one or more resources for use by said 
application program based at least in part on said 
information in said capabilities list. 
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26. (Original) The method of claim 25 wherein said one 
or more resources comprise at least one of data and functions. 

27. (Previously Presented) The method of claim 25 
wherein said one or more resources comprise one or more 
resources external to said smart card. 



28. (Previously Presented) The method of claim 27 
wherein said smart card further comprises at least one of: 
terminal side resources; and 
channels of a communications network. 



29. (Original) The method of claim 25 wherein said one 
or more resources comprise one or more resources owned by at 
least one of said application program and another entity. 

30. (Previously Presented) The method of claim 29 
wherein said other entity comprises at least one of: 

an operating system of said smart card; and 
another application program. 

31. (Previously Presented) The method of claim 25 
wherein said information in said capabilities list comprises 
information regarding at least one of: 

access rights; and 

information required for access to a resource. 
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32. (Previously Presented) The method of claim 25 
wherein said capabilities list comprises a first capabilities 
list and said method further comprises: 

storing, on said smart card, a second capabilities 

list, said first capabilities list comprising a handle to 

link to said second capabilities list. 
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33. (Previously Presented) The method of claim 32 
wherein said second capabilities list is associated with one or 
more of other application programs. 

34. (Original) The method of claim 25 wherein said 
executing further comprises said application program requesting 
access to a resource. 



35. (Original) The method of claim 25 wherein said 
executing further comprises: 

said application program transmitting a resource access 
request to said security manager; and 

said security manager transmitting a verify request to 
a verification program to examine said capabilities list to 
determine whether said application program is authorized to 
access said resource, and performing or denying the 
requested action based at least in part on said examination. 

36. (Original) The method of claim 35 wherein said 
security manager comprises an application program interface 
(API) . 



37. (Previously Presented) The method of claim 3 5 
wherein said security manager obtains information regarding 
said requesting application program through at least one of 
inquiring at a context originating said resource access 
request, and a parameter provided with said resource access 
request . 
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38. (Original) The method of claim 25, further 
comprising receiving said capabilities list from at least one 
of a provider of said application program and an owner of said 
one or more resources . 
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39. (Cancelled) 



40. (Original) The method of claim 25, further 
comprising modifying said capabilities list based at least in 
part on a subsequently received capabilities update list 
associated with said application program. 

41. (Original) The method of claim 25, further 
comprising deleting said capabilities list or link and access 
rights upon receiving an instruction to delete said application 
program from the outside. 

42. (Original) The method of claim 25 wherein 
said capabilities list is encrypted; and 
said method further comprises decrypting said 

capabilities list . 

43. (Original) The method of claim 25 wherein 

said capabilities list is cryptographically signed by 
at least one of a provider of said application program and 
an owner of said one or more resources; and 

said method further comprises cryptographically 
authenticating said capabilities list. 

44. (Currently Amended) The method of claim 25, further 
comprising cryptographically authenticating said capabilities 
list when said capabilities list is stored on said smart 
card dovicc . 



45. (Original) The method of claim 25, further 
comprising cryptographically authenticating said capabilities 
j list when said capabilities list is accessed, said capabilities 
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computed over said capabilities list upon storing capabilities 
list matches a second fingerprint computed over said 
capabilities list in response to a run-time request to use said 
capabilities list . 

46. (Original) The method of claim 25 wherein said 
application program comprises a plurality of modules 

47. (Original) The method of claim 25 wherein said 
application program comprises a Java application program or a 
Java Card™ applet. 

48. (Original) The method of claim 25 wherein said 
capabilities list is embodied in a tag- length- value (TLV) 
structure . 
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49. (Currently Amended) A program storage device 
readable by a machine, embodying a program of instructions 
executable by the machine to perform a method for controlling a 
smart card, the smart card for communication with an electronic 
device, the method comprising: 

receiving, on said smart card, a load package 
comprising a capabilities list and an application program; 

storing, on said smart card, afisaid application 
program; 

storing, on said smart card, asaid capabilities list 
associated with said application program, said 
capabilities list comprising information regarding whether 
access to one or more resources for use by said 
application program is permitted; and 

executing, on said smart card, said application 
program and a security manager, 

wherein upon said executing application 

requesting access to at least one of said one or more 



Page 10 of 23 



Appl. No. 10/805,429 

Amdt. dated December 2, 2 008 

Reply to Office Action of September 3, 2008 



resources, said cxcucting executing security manager 
selectively grants access to said at least one of 
said one or more resources for use by said 
application program based at least in part on said 
information in said capabilities list. 



50. (Original) The program storage device of claim 49 
wherein said one or more resources comprise at least one of 
data and functions. 



51. (Previously Presented) The program storage device of 
claim 4 9 wherein said one or more resources comprise one or 
more resources external to said smart card. 



52. (Previously Presented) The program storage device of 
claim 51 wherein said smart card further comprises at least one. 
of: 

terminal side resources; and 
channels of a communications network. 



53. (Original) The program storage device of claim 49 
wherein said one or more resources comprise one or more 
resources owned by at least one of said application program and 
another entity. 

54. (Previously Presented) The program storage device of 
claim 53 wherein said other entity comprises at least one of: 

an operating system of said smart card; and 
another application program. 



55. (Previously Presented) The program storage device of 
claim 49 wherein said information in said capabilities list 
comprises information regarding at least one of: 
gunnison, mckay & access rights; and 
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information required for access to a resource. 



56. (Previously Presented) The program storage device of 
claim 49 wherein said capabilities list comprises a first 
capabilities list and said method further comprises: 

storing, on said smart card, a second capabilities 
list, said first capabilities list comprising a handle to 
link to said second capabilities list. 

57. (Original) The program storage device of claim 56 
wherein said second capabilities list is associated with one or 
more of other application programs. 

58. (Original) The program storage device of claim 49 
wherein said executing further comprises said application 
program requesting access to a resource; and 

59. (Original) The program storage device of claim 49 
wherein said executing further comprises: 

said application program transmitting a resource 
access request to said security manager; and 

said security manager transmitting a verify request 
to a verification program to examine said capabilities 
list to determine whether said application program is 
authorized to access said resource, and performing or 
denying the requested action based at least in part on 
said examination. 



60. (Original) The program storage device of claim 59 
wherein said security manager comprises an application program 
interface (API) . 
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61. (Previously Presented) The program storage device of 
claim 59 wherein said security manager obtains information 
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regarding said requesting application program through at least 
one of inquiring at a context originating said resource access 
request, and a parameter provided with said resource access 
request . 

62. (Original) The program storage device of claim 49, 
said method further comprising receiving said capabilities list 
from at least one of a provider of said application program and 
an owner of said one or more resources. 



63. (Cancelled) 



64. (Original) The program storage device of claim 49, 
said method further comprising modifying said capabilities list 
based at least in part on a subsequently received capabilities 
update list associated with said application program. 

65. (Original) The program storage device of claim 49, 
said method further comprising deleting said capabilities list 
or link and access rights upon receiving an instruction to 
delete said application program from the outside. 

66. (Original) The program storage device of claim 49 
wherein 

said capabilities list is encrypted; and 
said method further comprises decrypting said 
capabilities list . 
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67. (Original) The program storage device of claim 49 
wherein 

said capabilities list is cryptographically signed by 
at least one . of a provider of said application program and 
an owner of said one or more resources; and 
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said method further comprises cryptographically 
authenticating said capabilities list. 

68. (Currently Amended) The program storage device of 
claim 67, said method further comprising cryptographically 
authenticating said capabilities list when said capabilities 
list is stored on said smart card dcvicc . 



69. (Original) The program storage device of claim 67, 
said method further comprising cryptographically authenticating 
said capabilities list when said capabilities list is accessed, 
said capabilities list being successfully authenticated if a 
first fingerprint computed over said capabilities list upon 
storing capabilities list matches a second fingerprint computed 
over said capabilities list in response to a run-time request 
to use said capabilities list. 

70. (Original) The program storage device of claim 49 
wherein said application program comprises a plurality of 
modules . 



71. (Original) The program storage device of claim 49 
wherein said application program comprises a Java application 
program or a Java Card™ applet. 

72. (Original) The program storage device of claim 4 9 
wherein said capabilities list is embodied in a tag- length- 
value (TLV) structure. 



73. (Currently Amended) An apparatus for controlling a 
smart card, the smart card for communication with an electronic 
device, the apparatus comprising: 



GUNNISON, McKAY & 

HODGSON, L.L.P. 
Garden West Office Plaza 
1900 Garden Road, Suite 220 
Monterey, CA 93940 

(831)655-0580 
Fax (831) 655-0888 



Page 14 of 23 



Appl. No. 10/805,429 

Amdt. dated December 2, 2008 

Reply to Office Action of September 3, 2008 



means for receiving, on said smart card, a load 
package comprising a capabilities list and an application 
program; 

means for storing, on said smart card, a** said 
application program; 

means for storing, on said smart card, e said 
capabilities list associated with said application 
program, said capabilities list comprising information 
regarding whether access to one or more resources for use 
by said application program is permitted; and 

means for executing, on said smart card, said 
application program and a security manager, 

wherein upon said executing application 
requesting access to at least one of said one or more 
resources, said cxcuc t ing execut ing security manager 
selectively grants access to said at least one of 
said one or more resources for use by said 
application program based at least in part on said 
information in said capabilities list. 

74. (Original) The apparatus of claim 73 wherein said 
one or more resources comprise at least one of data and 
functions . 

75. (Previously Presented) The apparatus of claim 73 
wherein said one or more resources comprise one or more 
resources external to said smart card. 

76. (Previously Presented) The apparatus of claim 75 
wherein said smart card further comprises at least one of : 

terminal side resources; and 
channels of a communications network. 
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77. (Original) The apparatus of claim 73 wherein said 
one or more resources comprise one or more resources owned by 
at least one of said application program and another entity. 

78. (Previously Presented) The apparatus of claim 77 
wherein said other entity comprises at least one of: 

an operating system of said smart card; and 
another application program. 

79. (Previously Presented) The apparatus of claim 73 
wherein said information in said capabilities list comprises 
information regarding at least one of: 

access rights; and 

information required for access to a resource. 

80. (Previously Presented) The apparatus of claim 73 
wherein said capabilities list comprises a first capabilities 
list and said apparatus further comprises: 

means for storing, on said smart card, a second 
capabilities list, said first capabilities list comprising 
a handle to link to said second capabilities list. 

81. (Previously Presented) The smart card of claim 80 
wherein said second capabilities list is associated with one or 
more of other application programs. 

82. (Original) The apparatus of claim 73 wherein said 
means for executing further comprises said means for requesting 
access to a resource. 
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83. (Original) The apparatus of claim 73 wherein said 
means for executing further comprises: 

said application program transmitting a resource access 
request to said security manager; and 
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said security manager transmitting a verify request to 
a verification program to examine said capabilities list to 
determine whether said application program is authorized to 
access said resource, and performing or denying the 
requested action based at least in part on said examination. 

84. (Original) The apparatus of claim 73 wherein said 
security manager comprises an application program interface 
(API) . 



85. (Original) The apparatus of claim 73 wherein said 
security manager obtains information regarding said requesting 
application program through at least one of inquiring at a 
context originating said resource access request, and a 
parameter provided with said resource access request. 

86. (Original) The apparatus of claim 73, further 
comprising means for receiving said capabilities list from at 
least one of a provider of said application program and an 
owner of said one or more resources. 



87. (Cancelled) 



88. (Original) The apparatus of claim 73, further 
comprising means for modifying said capabilities list based at 
least in part on a subsequently received capabilities update 
list associated with said application program. 

89. (Original) The apparatus of claim 73, further 
comprising means for deleting said capabilities list or link 
and access rights upon receiving an instruction to delete said 
application program from the outside. 
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90. (Previously Presented) The apparatus of claim 73 
wherein 

said capabilities list is encrypted; and 
said apparatus further comprises means for 
decrypting said capabilities list. 

91. (Previously Presented) The apparatus of claim 73 
wherein 

said capabilities list is cryptographically signed by 
at least one of a provider of said application program and 
an owner of said one or more resources; and 

said apparatus further comprises means for 
cryptographically authenticating said capabilities list. 

92. (Currently Amended) The apparatus of claim 91, 
further comprising means for cryptographically authenticating 
said capabilities list when said capabilities list is stored on 
said smart card dcvicc . 

93. (Original) The apparatus of claim 91, further 
comprising means for cryptographically authenticating said 
capabilities list when said capabilities list is accessed, said 
capabilities list being successfully authenticated if a first 
fingerprint computed over said capabilities list upon storing 
capabilities list matches a second fingerprint computed over 
said capabilities list in response to a run-time request to use 
said capabilities list. 

94. (Original) The apparatus of claim 73 wherein said 
application program comprises a plurality of modules 
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95. (Original) The apparatus of claim 73 wherein said 
application program comprises a Java application program or a 
Java Card™ applet . 
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96. (Original) The apparatus of claim 73 wherein said 
capabilities list is embodied in a tag- length- value (TLV) 
structure . 

97. (Cancelled) 

98. (Cancelled) 

99. (Cancelled) . 
100 . (Cancelled) . 
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